I am new to api development in Ruby On Rails. In the rails app I have devise for authenticating and I also want to use doorkeeper for OAuth2 login on the apis. I don't know how can I implement Api and how to use doorkeeper for that. Can anyone please explain it with the steps that I need to follow to implement this?
1 Answer
To implement apis i personally like to use grape, by following the readme you will be up and running in no time :)
To integrate grape with doorkeeper instead you can either use wine_bouncer, or grape-doorkeeper.
Now depending on who consumes your api, doorkeeper comes with 4 authorization grants, i quite recommend you to read the different grant types and their usage, you can read this oauth2 simplified article too.
To make doorkeeper to play along with devise you will need to modify your doorkeeper initializer as following:
The resource_owner_authenticator block is usually called when you do a authorization or implict grant request:
resource_owner_authenticator do |routes|
# Put your resource owner authentication logic here.
# If you want to use named routes from your app you need
# to call them on routes object eg.
# routes.new_user_session_path
current_user || warden.authenticate!(:scope => :user)
end
You can check out the example apps at the doorkeeper wiki.
The password grant instead uses the resource_owner_from_credentials block and according to the wiki you can configure it as follow:
resource_owner_from_credentials do |routes|
request.params[:user] = {:email => request.params[:username], :password => request.params[:password]}
request.env["devise.allow_params_authentication"] = true
request.env["warden"].authenticate!(:scope => :user)
end
Some resources that might help you :
- railscasts
- Building REST APIs with Rails
- surviving api *building api in a rails application
- grape in rails
Hope it helps
